General

  • Target

    94594c84bb9bc495d57056c5f47e23671b5f811e73823900e4791a84ec85984dN.exe

  • Size

    1.2MB

  • Sample

    250102-frybbsvlgz

  • MD5

    96443525ef3471652cfd7b712f7a3860

  • SHA1

    4cf50a54c2126020db87fab1ca1052a12c13ab75

  • SHA256

    94594c84bb9bc495d57056c5f47e23671b5f811e73823900e4791a84ec85984d

  • SHA512

    166dc78dc08c7f35418d6b00dc2eb0d344617a6ff078205e877a927818376d878a56ec693999350ed1ab4047de1f1be80797bf0db28eb085b8b7ba4b2a1755dd

  • SSDEEP

    24576:Wq5TfcdHj4fmbC3F2qGY+Ub5LMmWLui01KzGa+hLJoiLT6zeAfY:WUTsamGFxuLuiUJLJoiLT7

Malware Config

Targets

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

    • Revengerat family

    • RevengeRat Executable

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks